BALTECH Docs | C API for BALTECH SDK
This command group contains the commands needed for public key infrastructure (PKI)-based protocol encryption.
#include "../typedefs.h"
Macros

#define BRP_Pki_ErrCrypto BRP_ERR_STATUS(0x0900, 0x01)
Invalid key used for encryption/MACing, or MAC is invalid.

#define BRP_Pki_ErrTunnel BRP_ERR_STATUS(0x0900, 0x02)
It is not possible to tunnel this command.

#define BRP_Pki_ErrCert BRP_ERR_STATUS(0x0900, 0x03)
The certificate (or key) has invalid format or signature.

#define BRP_Pki_ErrSeqctr BRP_ERR_STATUS(0x0900, 0x04)
The sequence counter was too low.

#define BRP_Pki_ErrSeclevelUnsupported BRP_ERR_STATUS(0x0900, 0x05)
This security level has no key for authentication.

#define BRP_Pki_ErrSessionTimeout BRP_ERR_STATUS(0x0900, 0x06)
The security session timed out.
Functions

brp_errcode brp_Pki_PfsGenKey(brp_protocol protocol, brp_buf TmpHostPubKey, size_t TmpHostPubKey_len, brp_buf *TmpRdrPubKey, size_t *TmpRdrPubKey_len, brp_mempool *mempool)
This command prepares a perfect forward secrecy (PFS) session by exchanging the public part of temporary elliptic curve cryptography (ECC) keys generated by host and reader.

brp_errcode brp_Pki_PfsAuthHostCert(brp_protocol protocol, brp_buf EncryptedPayload, size_t EncryptedPayload_len)
This command authenticates the host's certificate chain to the reader.

brp_errcode brp_Pki_PfsAuthRdrCert(brp_protocol protocol, brp_buf *EncryptedResponse, size_t *EncryptedResponse_len, brp_mempool *mempool)
After successfully authenticating the host against the reader using the brp_Pki_PfsAuthHostCert() command, the reader must return its own certificate to the host so that the host can verify it.

brp_errcode brp_Pki_Tunnel2(brp_protocol protocol, unsigned SequenceCounter, brp_buf CmdHMAC, brp_buf EncryptedCmd, size_t EncryptedCmd_len, brp_buf *RspHMAC, brp_buf *EncryptedRsp, size_t *EncryptedRsp_len, brp_mempool *mempool)
Runs a command in the security level authenticated by the brp_Pki_PfsGenKey(), brp_Pki_PfsAuthHostCert(), brp_Pki_PfsAuthRdrCert() command sequence.

brp_errcode brp_Pki_GetX509Csr(brp_protocol protocol, brp_buf *Csr, size_t *Csr_len, brp_mempool *mempool)
Every reader is shipped with a unique ECC P-256 key, generated at the time of manufacturing.

brp_errcode brp_Pki_StoreX509Cert(brp_protocol protocol, unsigned SecLevel, brp_buf Cert, size_t Cert_len)
After signing a CSR obtained with the brp_Pki_GetX509Csr() command, run this command to store the resulting certificate in the reader's certificate store.

brp_errcode brp_Pki_StoreX509RootCert(brp_protocol protocol, unsigned SecLevel, brp_buf Cert, size_t Cert_len)
Every security level that should be usable with the PKI must be provided with a root certificate.

Definition in file pki.h.